[Chart: Motivations July H1 2023]

[Chart: Attack Techniques July H1 2023]

In the first half of July 2023, I collected 161 events (corresponding to 10.73 events per day), a number that, despite being significantly lower than the two timelines of June (part I and part II), with respectively 12.27 and 12 events per day, confirms the sustained trend of mid-2023, fueled by the exploitation at scale of the CVE-2023-34362 MOVEit vulnerability by the Clop (AKA Cl0p) ransomware group.

Consequently, attacks exploiting vulnerabilities remained at the top of the attack techniques, with a new record of 36% (58 out of 161 events), beating the previous value of 29.8% (53 out of 178 events) recorded during the second half of June. The other obvious consequence was the increase in the percentage of events directly or indirectly characterized by ransomware, which soared to 44.72% (72 out of 161 events), up from 40.3% (72 out of 178 events) in the previous timeline, and again a new record.

The fintech sector was under considerable pressure during the first half of July, with multiple massive hacks (translating into multiple monetary losses) hitting several organizations, some of which were hit twice during this fortnight, such as Multichain (which lost a total of 228 million dollars' worth, although it is not clear whether the incidents were real cyber attacks or a rug pull) or Rodeo Finance, which lost the equivalent of “only” 1.5 million dollars. Another fintech company hit hard was Poly Network, which lost the equivalent of 4.4 million dollars, and at the same time the Financial Times revealed that in early 2022, threat actors exploited a zero-day flaw in Revolut to steal more than $20 million.

In terms of mega breaches, the personal information of nearly 35 million Indonesian passport holders was put up for sale on the dark web for $10,000 by a notorious hacktivist with the moniker of Bjorka, while HCA Healthcare disclosed a data breach impacting an estimated 11 million patients.

The cyber espionage front was quite crowded this fortnight, with multiple high-profile campaigns unearthed, carried out against organizations in Ukraine by known threat actors such as Gamaredon and GhostWriter. Other interesting events, just to mention a few, include a campaign dubbed SmugX, carried out by a Chinese threat actor and targeting embassies and foreign affairs ministries in multiple countries; the supply chain attack against JumpCloud by the North Korean Lazarus Group; the attack launched by RomCom against the NATO Summit attendees; the campaign launched by the Iranian Charming Kitten against experts in Middle Eastern affairs and nuclear security; and the widespread attack, orchestrated by a Chinese group dubbed Storm-0558, against 25 organizations worldwide, including U.S. and Western European government agencies, using forged authentication tokens.

In terms of hacktivism: the Cyber Partisans attacked the largest university in Belarus (Belarusian State University – BSU), the Ukrainian IT Army took down the Russian state-owned railway company RZD, SiegedSec continued their campaign against the U.S., and KromSec leaked the personal information belonging to more than 1,100 employees of the French Ministry of Justice.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

[Map: Geo Map June H2 2023]
